Yep. Totally agree.
In fact, these ports (25, 465 and 587) aren't even exposed off
docker-compose. So that's guaranteed at the container level. Entering
the container can only be done through the proxy protocol and its ports
on the container-set. This will basically simplify all my future
Dear Raf:
Thank you for the hint about UNIX sockets. I'll keep them. My only fear
is/was that they're inappropriate to use across containers and something
will break in the future. I guess I'll have to wait and see.
There's actually an open issue in OpenDKIM github with this request from
Dear Raf:
Thank you very much. I just tested my server with mxtoolbox, and all
seems good. I didn't realize mxtoolbox works without MX records, thanks
for that hint.
I applied 90% of your suggestions, and some I didn't out of fear. I'm
working on understanding them more.
I have two
On Sat, Dec 24, 2022 at 06:28:29AM +0400, Samer Afach
wrote:
> On 24/12/2022 5:30 AM, raf wrote:
> > On Fri, Dec 23, 2022 at 04:35:03PM +0400, Samer Afach
> > wrote:
> >
> > > About your great loud thought, my containers are versioned but there's
> > > no CI in there, and every
On Fri, Dec 23, 2022 at 01:14:26PM -0800, Jim Garrison wrote:
> I have Postfix running inside a private LAN as an outgoing relay via
> GMail (no incoming Internet connections). I have two goals
>
> 1. Relay only to one specific domain
> 2. Accept relay from only one specific LAN client
>
> So
On Fri, Dec 23, 2022 at 06:58:17PM +0400, Samer Afach
wrote:
> Dear postfix experts:
>
> I think I'm getting to the end of this problem. I was able to use haproxy to
> relay connections to my docker container with correct source information
> (and I'm seeing the correct IP addresses in the
Dear Raf:
That's actually what I do on all the bare-metal machines, but from my
understanding of how docker works, every container is made to run
exactly one service, and somehow default Linux images disable system
services. They can be re-enabled, but it's not the way it's meant to
work,
On Fri, Dec 23, 2022 at 04:35:03PM +0400, Samer Afach
wrote:
>About your great loud thought, my containers are versioned but there's
>no CI in there, and every launch for them recreates them. They're all
>based on either Debian or Ubuntu (depending on support for my
>
On 12/23/22 17:24, Wietse Venema wrote:
You should also include "postconf -P" for parameter settings in
master.cf.
Wietse
Not much there...
$ postconf -P
relay/unix/syslog_name = postfix/$service_name
--
Jim Garrison
j...@acm.org
You should also include "postconf -P" for parameter settings in
master.cf.
Wietse
On Fri, Dec 23, 2022 at 09:51:48AM +0400, Samer Afach
wrote:
> I see. Thank you for the explanation. So the right way to state this is that
> HELO/EHLO requires a valid FQDN/hostname only for MTAs, and for MUAs it's
> just ignored because authentication is what matters.
>
> Cheers,
> Sam
It's
On Fri, Dec 23, 2022 at 06:19:06AM +0400, Samer Afach
wrote:
> Btw, the relays happened because I actively changed mynetworks_style to
> subnet, forgetting and not checking that all incoming connections will come
> from the gateway of docker subnet. Still under research to identify how that
>
On Fri, Dec 23, 2022 at 06:20:08PM +0100, Gerben Wierda
wrote:
> I ran Mac OS X Server for years, then, when Apple dropped mail
> service, I switched to MacPorts so I could still do all my server
> stuff (macOS-specific and standard unix) on a single server. So, I
> am still running my postfix
I have Postfix running inside a private LAN as an outgoing relay via
GMail (no incoming Internet connections). I have two goals
1. Relay only to one specific domain
2. Accept relay from only one specific LAN client
So I configured the following (complete postconf -n appended below):
Dnia 23.12.2022 o godz. 18:20:08 Gerben Wierda pisze:
>
> I wonder how to do this if I am running postfix in a docker container, as
> docker will translate everything to its internal docker network and
> permit_mynetworks would be a problem.
There's a thread going on on this list right now about
Wishing you and your Family ...
Paul Kudla
004-1009 Byron Street South
Whitby, Ontario - Canada
L1N 4S3
Toronto 416.642.7266
Main 1.866.411.7266
Fax 1.888.892.7266
Email p...@scom.ca
On 12/23/22 09:58, Samer Afach wrote:
> Dear postfix experts:
>
> I think I'm getting to the end of this problem. I was able to use
> haproxy to relay connections to my docker container with correct source
> information (and I'm seeing the correct IP addresses in the logs of
>
I ran Mac OS X Server for years, then, when Apple dropped mail service, I
switched to MacPorts so I could still do all my server stuff (macOS-specific
and standard unix) on a single server. So, I am still running my postfix on
macOS now (with DKIM, using LE certs, reverse DNS for my mail fqdn,
I would recommend a "divide and conquer" or "separation of concerns"
approach.
On Fri, 23 Dec 2022, Samer Afach wrote:
[...]
Btw, the relays happened because I actively changed mynetworks_style to
subnet, forgetting and not checking that all incoming connections will come
from the gateway of
I've run a similar setup for my hosting needs, while not related to Docker
containers, you may find my configuration helpful and copy some parts.
More experienced postfix'ers can comment on my mistakes :)
https://gitlab.com/noumenia/aetolos/-/blob/master/modules/el8/postfix/maincf.tpl
Dear postfix experts:
I think I'm getting to the end of this problem. I was able to use
haproxy to relay connections to my docker container with correct source
information (and I'm seeing the correct IP addresses in the logs of
postfix/dovecot). I would appreciate it if you could take a look
Dear Matthias:
I completely agree with you. My only contention is that some times
simple solutions with simple assumptions are good enough, instead of
developing a nuclear silo for something that can be tested in an
hour and then tested with public tools. Reminds me of
Am 23.12.22 um 03:19 schrieb Samer Afach:
Dear Matthias,
I think there's a misunderstanding here. The server is already
shutdown. I thought you meant that I should shutdown the server
permanently and move on with my life because I'm incapable of running
a server, which seems to have been the
23 matches
Mail list logo
